Few industries were impacted by the pandemic as much as retail was. Unable to open their physical stores and forced into scaling up their ecommerce platforms, the industry has had to adapt fast. A year and a half later, the retail landscape has changed significantly. And with change comes new challenges.
Credential theft on the rise
Now a newly digitally savvy sector, retailers are faced with many unwanted issues. The industry’s vulnerability to cyber-attacks has increased as stores of every shape and size pivoted to eCommerce platforms in an attempt to continue trading and remain profitable. Consequently, growing customer information, including personal and financial data, is becoming too challenging to resist malicious cyber hackers. The retail industry continues to be a target for financially motivated criminals looking to cash in on the combination of payment cards and personal information this sector is known for.
In fact, from the 2021 Verizon Data Breach Investigations Report, financial motivation accounts for 99% of breaches. The report also highlighted that 44% of data comprised is payment related, 41% personal and 33% credentials.
Flushing out the insider threats
Some things remain the same, insider threats continue to be a problem for retailers. The pandemic has also had a hand in this. Due to multiple lockdowns, retail institutions have moved and adapted swiftly to adjust their turbulent operations while managing a remote workforce. Without sufficient cybersecurity processes in place to support remote working, retailers are left vulnerable to insider threats. Whether it’s a corrupt employee or an under trained staff force, remote systems not built for self-protection will suffer.
What’s more, many retail players have had to outsource parts of their business processes to third parties to survive the turbulence of COVID-19. For example, online ordering relies on huge amounts of planning, supply chain management and delivery partners. The more external parties involved with a company system, leaves the institution more and more vulnerable.
Giving bad bots the boot
Another cybersecurity concern for the retail sector that has escalated during the pandemic is the rise of ‘bad bots’, in fact around 30 percent of all web traffic is made up of them. Bad bots interact with applications in the same way, a legitimate, human user, making them a lot harder to detect and prevent. They enable high-speed abuse, misuse, and attacks on websites, mobile apps, and APIs. They also allow bot operators, attackers, unsavoury competitors, and not to mention, fraudsters, to perform a wide array of malicious activities. Attacks include denial of inventory, scalping, scraping and credential stuffing. Bot attacks result in poor website performance and the exposure of sensitive customer data and lost revenue for the retailer.
A safe future with the cloud
There’s no doubt that technology has been a huge enabler for many retailers to stay relevant over the past 18 months. The move to eCommerce platforms has been a turning point for many. Yet it is the evolution of cloud computing, which was traditionally valued for its cost saving capabilities, that is now invested in for its enablement for future innovation in retail. Cloud-based technologies also allow retail institutions to implement critical cybersecurity measures that prove extremely difficult to penetrate including Zero Trust Architecture (ZTA). Through a ZTA approach, no actor who wants access to the retailer’s resources or services in the network is trusted from the outset. This means every access, whether from outside or inside, is individually authenticated.
Retailers can also lose insider threats, maliciously intended or not through disconnecting the end user environment from the corporate hosting environment. The combination of a cloud security software that only grants access to shared applications and not to the entire corporate network while allowing top-level managers to restrict access to data ensures that sensitive files can only be downloaded from the server to the end device authorisation.
Secure end to end cloud software will also ensure that bad bots are well and truly dealt with. Cloud-based software that includes shielded logins, disconnecting the end user environment as well as ZTA makes the ideal combination to fend off bad bots.
The retail industry will continue to face these evolving cyber threats as the demand for eCommerce increases. However, with customers’ financial and personal data on the line, it is the retailers responsibility to prioritise cyber security. Investing and implementing an end-to-end cloud-based security solution, is a simple yet highly effective way to combat these cyber concerns in 2021.